CVSS: 9.3EPSS: 10%CPEs: 1EXPL: 2CVE-2008-2015 – Watchfire Appscan 7.0 - ActiveX Multiple Insecure Methods
https://notcve.org/view.php?id=CVE-2008-2015
Multiple absolute path traversal vulnerabilities in certain ActiveX controls in WatchFire AppScan 7.0 allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) CompactSave and (2) SaveSession method in one control, and the (3) saveRecordedExploreToFile method in a different control. NOTE: this can be leveraged for code execution by writing to a Startup folder. Múltiples vulnerabilidades de salto de ruta absoluta en determinados controles ActiveX en WatchFire AppScan 7.0, permiten a atacantes remotos crear o sobrescribir ficheros de su elección mediante un nombre de ruta completo en el argumento de los métodos (1) CompactSave y (2) SaveSession en un control, y (3) saveRecordedExploreToFile de otro control. NOTA: esto puede aprovecharse para ejecutar código escribiendo en una carpeta Startup. • https://www.exploit-db.com/exploits/5496 http://www.securityfocus.com/bid/28940 http://www.securitytracker.com/id?1019948 https://exchange.xforce.ibmcloud.com/vulnerabilities/42077 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 3CVE-2005-4270 – Watchfire AppScan QA 5.0.x - Remote Code Execution
https://notcve.org/view.php?id=CVE-2005-4270
Buffer overflow in Watchfire AppScan QA 5.0.609 and 5.0.134 allows remote web servers to execute arbitrary code via an HTTP 401 response with a WWW-Authenticate header containing a long Realm field. Desbordamiento de búfer en Wathfire AppScan QA 5.0.609 y 5.0.134 permite a servidores web remotos ejecutar código de su elección mediante una respuesta HTTP 401 con una cabecera WWW-Authenthicate conteniendo un campo Realm largo. • https://www.exploit-db.com/exploits/1374 http://secunia.com/advisories/18013 http://securityreason.com/securityalert/260 http://securitytracker.com/id?1015362 http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_AppScanQA_RemoteCodeExec.pdf http://www.securityfocus.com/archive/1/419586/100/0/threaded http://www.securityfocus.com/bid/15873 http://www.vupen.com/english/advisories/2005/2933 •